Why cyber attacks are on the rise in healthcare
Earlier this year, a cyber attack on hospitals in Melbourne’s Eastern Health District forced a number of hospitals to shut down their computer systems. The incident removed staff access to patient records, booking and management systems and prompted the cancellation of non-urgent surgeries, causing additional frustration for patients whose procedures had already been delayed due to COVID-19.
Cyber security experts have suggested that ransomware was the likely cause of the incident. Ransomware is malicious software (malware) that infects a computer and holds it ‘hostage’, demanding payment before the system becomes usable again. It’s a criminal money-making scheme that can encrypt individual files or lock entire systems, and it is generally installed when a user clicks on a deceptive link in an email, instant message or website.
A similar cyber attack occurred two years ago, when hospitals within the Gippsland Health Alliance and South West Alliance of Rural Health (SWARH) networks had to disconnect their systems to isolate a ransomware infection, with systems still offline a month later. These incidents highlight how cybercrime continues to impact a vulnerable industry.
Health sector remains the highest reporter of breaches in Australia
The Office of the Australian Information Commissioner (OAIC), which promotes and upholds privacy and information access rights, confirmed that the health sector remains the highest reporting industry sector with 23% of all breaches.
In July–December 2020, 539 breaches were notified under the scheme, an increase of 5% from the January to June 2020 period. And the leading source of data breaches was malicious or criminal attacks, accounting for 58% of notifications.
According to the Australian Cyber Security Centre (ACSC), there has been a “significant increase in healthcare or COVID-19 themed malicious cyber activity, including targeting of the aged care and healthcare sectors by financially motivated cyber criminals using the ‘Maze’ ransomware.”
The report states that “cybercriminals view the aged care and healthcare sectors as lucrative targets for ransomware attacks…because of the sensitive personal and medical information they hold, and how critical this information is to maintaining operations and patient care. A significant ransomware attack against a hospital or aged care facility would have a major impact.”
Healthcare is an attractive target for cyber criminals because medical data is between ten and twenty times more lucrative than credit card or banking details. Stolen health records can be sold to fund criminal activity and facilitate identity theft, blackmail or extortion. Valuable health-related data is generally accompanied by personally identifiable information (PII), which can be bought and sold illegally on the dark web.
The digitisation of healthcare is linked to security risks
The other key factor in the increase in cyber attacks is the digital transformation of healthcare over recent years, which has accelerated since COVID-19. Transmitting health information and maintaining patient records digitally is now a mainstay of the industry – but these advances in technology also present opportunities for patient safety and privacy to be compromised.
Casey Ellis, Founder and CEO of Bugcrowd, explains in a recent panel interview with MedicalDirector that introducing new ways of working quickly can create security risks.
“We’ve been forced into a lot of changes in how we operate, how we deploy systems and how we attribute trust, especially in the healthcare industry. Speed is the natural enemy of security. Getting external input on threats and different risks that you might not have seen yourself is a really valuable thing because that’s not really what you’re thinking about as a GP. You’re thinking about how to care for your patients and how to grow and sustain your business,” Ellis says.
Comprehensive security solutions, such as MedicalDirector Shield, can be an efficient way of protecting your practice. MedicalDirector Shield provides protection on six different fronts:
- An initial security assessment to understand where and how your practice may be vulnerable to cyber attacks
- A physical intrusion detection device that protects your devices by blocking potential intrusions
- 24/7 cyber security monitoring by an experienced Cyber Security Operations Centre
- Monthly incident reporting with advanced insights on cyber security incidents and network weaknesses
- Online cyber security training that gives your team the training and tools to reduce the likelihood of unintentional data breaches, and
- Guides to help you respond to incidents so you know exactly what to do in the event of a cyber security incident.
As everyday healthcare becomes increasingly digitised, data security should be a top priority for healthcare providers. With cyber attacks in healthcare increasing and becoming more and more sophisticated, getting outside expertise is critical in minimising disruption and ensuring the safety of your patients and staff.